Is AirVPN vulnerable to a MiTM attack by sysadmins looking to throttle their clients? According to http://security.stackexchange.com/questions/53444/vpns-vulnerable-to-mitm-because-any-certificate-goes OpenVPN does not validate that the cert is correct, thus making it possible for ISPs, sysadmins etc, to trick the client to use a fake cert so they may monitor the connections contents. Is AirVPN safe from this?

Does AirVPN validate its certs properly in the connection process?
#2
Posted 27 October 2016 - 05:01 PM
Is AirVPN vulnerable to a MiTM attack by sysadmins looking to throttle their clients?
No.
According to http://security.stackexchange.com/questions/53444/vpns-vulnerable-to-mitm-because-any-certificate-goes OpenVPN does not validate that the cert is correct, thus making it possible for ISPs, sysadmins etc, to trick the client to use a fake cert so they may monitor the connections contents. Is AirVPN safe from this?
Safe. Frankly, we don't even know whether VPN services without client-side certificate validation exist. Probably not but if you find them, avoid them at all costs.
The only way to break the trust is suggested in the thread you linked and requires a compromised system, just like you would do with HTTPS. Any security consideration and audit must start from a non-compromised system, obviously.
Kind regards
#3
Posted 27 October 2016 - 05:49 PM
Hello!
If Airs site was vulnerable to like so, it would totally ruin Airs Christmas!
You can also check the specs, if you haven't .
Welcome to AirVPN.
Tired of Windows? Why Linux Is Better.
Similar Topics
Topic | Forum | Started By | Stats | Last Post Info | |
---|---|---|---|---|---|
Airdns - Connections Limited? |
Troubleshooting and Problems | brunozo |
|
![]() |
|
airvpn.org and Netflix blocked |
Blocked websites warning | chuckhammerberry |
|
![]() |
|
How-to: AirVPN on Synology DS6 complete guide![]() |
How-To | Mikeyy |
|
![]() |
|
Pinned Alternative AirVPN client with provider-independent double-hop support (GNU/Linux)![]() |
Off-Topic | corrado |
|
![]() |
|
Configure Asuswrt Merlin OpenVPN-Server for access with AirVPN Port-Forwarding![]() |
Troubleshooting and Problems | Wolfschiesst |
|
![]() |
Also tagged with one or more of these keywords: certs, connection, VPN, MiTM, sysadmin
Community →
Eddie - AirVPN Client →
Frequent VPN error messages on Android.Started by cdysthe, 15 Feb 2019 ![]() |
|
![]() |
||
![]() Unable to connect to local network over wifiStarted by FII3l6H5Un8, 16 Jan 2019 ![]() |
|
![]() |
||
Community →
General & Suggestions →
Most Common Problems & Their Suggested SolutionsStarted by LZ1, 30 Dec 2018 ![]() |
|
![]() |
||
Community →
Other VPN competitors or features →
Run my own VPN over Softether within a VPS serverStarted by JMennuni, 19 Dec 2018 ![]() |
|
![]() |
||
Community →
Troubleshooting and Problems →
Persei server and RARBG problems...AGAIN!Started by Amadore, 03 Nov 2018 ![]() |
|
![]() |
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users